![](/screenshots/33180a1b-2a38-49a4-885b-48e9b8d87f9c.png)
explore.majestical.top
Open in
urlscan Pro
2606:4700:3032::ac43:d03c
Public Scan
Effective URL: https://explore.majestical.top/paEyZIZJE1Yx?oid=130&affid=15&_ef_transaction_id=651817b2eb884c9b878eccbf1f8cea86&sub1=64ec49051...
Submission Tags: @phish_report
Submission: On August 28 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on July 4th 2023. Valid for: 3 months.
This is the only time explore.majestical.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:10:... 2606:4700:10::ac43:1e1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:4780:3:4... 2a02:4780:3:443:0:2f46:e183:b | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 2606:4700:10:... 2606:4700:10::6814:51d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 149.56.240.127 149.56.240.127 | 16276 (OVH) (OVH) | |
1 | 2606:4700:303... 2606:4700:3037::ac43:95c7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 34.90.81.51 34.90.81.51 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 1 | 147.182.213.99 147.182.213.99 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 1 | 2606:4700:303... 2606:4700:3030::6815:1673 | () () | |
1 2 | 2606:4700:303... 2606:4700:3032::ac43:d03c | () () | |
16 | 6 |
ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
s4.histats.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com
run.storkmobi.com |
ASN14061 (DIGITALOCEAN-ASN, US)
www.ononesbetterthanus.top |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
majestical.top
1 redirects
explore.majestical.top |
1 KB |
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 14329 s4.histats.com — Cisco Umbrella Rank: 14276 |
5 KB |
1 |
omeralink.co
1 redirects
link.omeralink.co |
1 KB |
1 |
ononesbetterthanus.top
1 redirects
www.ononesbetterthanus.top |
1 KB |
1 |
storkmobi.com
1 redirects
run.storkmobi.com — Cisco Umbrella Rank: 759443 |
360 B |
1 |
smrturl.co
smrturl.co — Cisco Umbrella Rank: 507331 |
843 B |
1 |
kutkuntul.top
kutkuntul.top |
1 KB |
1 |
tinyurl.com
1 redirects
tinyurl.com — Cisco Umbrella Rank: 17307 |
540 B |
0 |
jquery.com
Failed
code.jquery.com Failed |
|
0 |
melovetracking.top
Failed
www.melovetracking.top Failed |
|
0 |
jsdelivr.net
Failed
cdn.jsdelivr.net Failed |
|
0 |
liquifycdn.com
Failed
cdn1.liquifycdn.com Failed |
|
0 |
cloudflare.com
Failed
cdnjs.cloudflare.com Failed |
|
16 | 13 |
Domain | Requested by | |
---|---|---|
2 | explore.majestical.top |
1 redirects
smrturl.co
explore.majestical.top |
1 | link.omeralink.co | 1 redirects |
1 | www.ononesbetterthanus.top | 1 redirects |
1 | run.storkmobi.com | 1 redirects |
1 | smrturl.co | |
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
kutkuntul.top
|
1 | kutkuntul.top | |
1 | tinyurl.com | 1 redirects |
0 | code.jquery.com Failed |
explore.majestical.top
|
0 | www.melovetracking.top Failed |
explore.majestical.top
|
0 | cdn.jsdelivr.net Failed |
explore.majestical.top
|
0 | cdn1.liquifycdn.com Failed |
explore.majestical.top
|
0 | cdnjs.cloudflare.com Failed |
explore.majestical.top
|
16 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kutkuntul.top R3 |
2023-08-02 - 2023-10-31 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-11 |
a year | crt.sh |
histats.com R3 |
2023-06-06 - 2023-09-04 |
3 months | crt.sh |
smrturl.co E1 |
2023-08-06 - 2023-11-04 |
3 months | crt.sh |
majestical.top E1 |
2023-07-04 - 2023-10-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://explore.majestical.top/paEyZIZJE1Yx?oid=130&affid=15&_ef_transaction_id=651817b2eb884c9b878eccbf1f8cea86&sub1=64ec49051de170000126d695&sub2=1309_494903
Frame ID: D1276D60BC8FDFFBA0D56E572C4C91E6
Requests: 16 HTTP requests in this frame
Screenshot
![](/screenshots/33180a1b-2a38-49a4-885b-48e9b8d87f9c.png)
Page URL History Show full URLs
-
https://tinyurl.com/2p83fkxd
HTTP 301
https://kutkuntul.top/?action=register&sub_id=DUCK Page URL
- https://smrturl.co/o/494903/53267039?s1=DUCK Page URL
-
https://run.storkmobi.com/click?pid=1309&offer_id=80534&sub1=Cdb11210352b44&sub5=494903&sub6=https%3A%...
HTTP 302
https://www.ononesbetterthanus.top/N2W6N/7FHSMX/?sub1=64ec49051de170000126d695&sub2=1309_494903 HTTP 302
https://link.omeralink.co/fi_FI/paEyZIZJE1Yx?oid=130&affid=15&first_name=&last_name=&address=&zip_code... HTTP 302
https://explore.majestical.top/enter/XH7QRGxF996NyL3Bkm1NC568YCTX1tOGGN22OaM059?oid=130&affid=15&_ef_transa... HTTP 302
https://explore.majestical.top/paEyZIZJE1Yx?oid=130&affid=15&_ef_transaction_id=651817b2eb884c9b878eccbf1f8... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tinyurl.com/2p83fkxd
HTTP 301
https://kutkuntul.top/?action=register&sub_id=DUCK Page URL
- https://smrturl.co/o/494903/53267039?s1=DUCK Page URL
-
https://run.storkmobi.com/click?pid=1309&offer_id=80534&sub1=Cdb11210352b44&sub5=494903&sub6=https%3A%2F%2Fkutkuntul.top%2F&sub7=https%3A%2F%2Fkutkuntul.top%2F
HTTP 302
https://www.ononesbetterthanus.top/N2W6N/7FHSMX/?sub1=64ec49051de170000126d695&sub2=1309_494903 HTTP 302
https://link.omeralink.co/fi_FI/paEyZIZJE1Yx?oid=130&affid=15&first_name=&last_name=&address=&zip_code=&city=&phone_number=&email=&_ef_transaction_id=651817b2eb884c9b878eccbf1f8cea86&sub1=64ec49051de170000126d695&sub2=1309_494903&sub3=&sub4=&sub5= HTTP 302
https://explore.majestical.top/enter/XH7QRGxF996NyL3Bkm1NC568YCTX1tOGGN22OaM059?oid=130&affid=15&_ef_transaction_id=651817b2eb884c9b878eccbf1f8cea86&sub1=64ec49051de170000126d695&sub2=1309_494903&sub3=&sub4=&sub5= HTTP 302
https://explore.majestical.top/paEyZIZJE1Yx?oid=130&affid=15&_ef_transaction_id=651817b2eb884c9b878eccbf1f8cea86&sub1=64ec49051de170000126d695&sub2=1309_494903 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://tinyurl.com/2p83fkxd HTTP 301
- https://kutkuntul.top/?action=register&sub_id=DUCK
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
kutkuntul.top/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
51 B 185 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53267039
smrturl.co/o/494903/ |
832 B 843 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
paEyZIZJE1Yx
explore.majestical.top/ Redirect Chain
|
14 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
style.css
cdn1.liquifycdn.com/cp/form-campaign/assets/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-3.6.1.min.js
explore.majestical.top/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
styles.css
explore.majestical.top/assets/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
verisign-Inc.svg
cdn1.liquifycdn.com/cp/form-campaign/assets/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
mcafee-secure.svg
cdn1.liquifycdn.com/cp/form-campaign/assets/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ssl-encryption.svg
cdn1.liquifycdn.com/cp/form-campaign/assets/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
everflow.js
www.melovetracking.top/scripts/sdk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-3.6.1.min.js
code.jquery.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdnjs.cloudflare.com
- URL
- https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
- Domain
- cdn1.liquifycdn.com
- URL
- https://cdn1.liquifycdn.com/cp/form-campaign/assets/css/style.css
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
- Domain
- explore.majestical.top
- URL
- https://explore.majestical.top/assets/js/jquery-3.6.1.min.js
- Domain
- explore.majestical.top
- URL
- https://explore.majestical.top/assets/css/styles.css?id=ed8ac1c08d4d3f9d324296f3094c43d2
- Domain
- cdnjs.cloudflare.com
- URL
- https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js
- Domain
- cdn1.liquifycdn.com
- URL
- https://cdn1.liquifycdn.com/cp/form-campaign/assets/images/verisign-Inc.svg
- Domain
- cdn1.liquifycdn.com
- URL
- https://cdn1.liquifycdn.com/cp/form-campaign/assets/images/mcafee-secure.svg
- Domain
- cdn1.liquifycdn.com
- URL
- https://cdn1.liquifycdn.com/cp/form-campaign/assets/images/ssl-encryption.svg
- Domain
- www.melovetracking.top
- URL
- https://www.melovetracking.top/scripts/sdk/everflow.js
- Domain
- code.jquery.com
- URL
- https://code.jquery.com/jquery-3.6.1.min.js
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
smrturl.co/o/494903 | Name: dynamo_v_id Value: Vdbaeb90bc2120 |
|
kutkuntul.top/ | Name: PHPSESSID Value: 3fe9b2e5680c55fd76e4563c11662894 |
|
kutkuntul.top/ | Name: HstCfa4773557 Value: 1693206788104 |
|
kutkuntul.top/ | Name: HstCla4773557 Value: 1693206788104 |
|
kutkuntul.top/ | Name: HstCmu4773557 Value: 1693206788104 |
|
kutkuntul.top/ | Name: HstPn4773557 Value: 1 |
|
kutkuntul.top/ | Name: HstPt4773557 Value: 1 |
|
kutkuntul.top/ | Name: HstCnv4773557 Value: 1 |
|
kutkuntul.top/ | Name: HstCns4773557 Value: 1 |
|
run.storkmobi.com/ | Name: afclick Value: 64ec49051de170000126d695 |
|
run.storkmobi.com/ | Name: afoffers Value: {"80534":1693206789} |
|
link.omeralink.co/ | Name: XSRF-TOKEN Value: eyJpdiI6ImNQRjZRbEREMHVtSkxRT3BwdWZEVEE9PSIsInZhbHVlIjoicjR5SENNZzJrSjVRd296Z0NabWQvRkRTbXFQc1BVdGtMOFRGNzhYMlpqL216QzVGRGhIQndSMWJibys1RUlSU1hSSjM3T0ZFWUJyUEMxS3FNbVZYNTZnM0ViSGhWTktxVzU5OVNrYzNtYlJ3RTBrUzZ0L09vQWFaTlN6dlg2cXUiLCJtYWMiOiJkNDFiMDAwMzVmY2QyZGQ4YTYyNDA2YTIzZGZlOGZkZjQ0ZjQ1ZmM5YTE0ODJhY2YxYmYwODUyZWJhNjFmZjQ0IiwidGFnIjoiIn0%3D |
|
link.omeralink.co/ | Name: spring_session Value: eyJpdiI6IlNpSnhrWVJVK3BpemJoaWwxSXE1eFE9PSIsInZhbHVlIjoiWlkwdmpURy84L053azErRTBLUyt4RVF2Wm82Y2ZBeHNMK2IxMjRzZkZ6VjZMUWc3UUJ1QUFBSGV0b29Sck8ra3gyT0dCSkdnY1d2ZG9SVlZ2TmZaRm9Ra1hWV3c3MEpKWlF5MTBHU1gwaWVXWEQ3Wm9JWUk2clpUZm9COC9oQmkiLCJtYWMiOiI3MTAzNzVmYTUxN2ZlNjZkMDgwNGUyNzIzZDZjMDkxYWI2N2ZjN2UzYzI1ZWRhNGFiNzg1NjZmYTJlYjc0MzQ0IiwidGFnIjoiIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdn1.liquifycdn.com
cdnjs.cloudflare.com
code.jquery.com
explore.majestical.top
kutkuntul.top
link.omeralink.co
run.storkmobi.com
s10.histats.com
s4.histats.com
smrturl.co
tinyurl.com
www.melovetracking.top
www.ononesbetterthanus.top
cdn.jsdelivr.net
cdn1.liquifycdn.com
cdnjs.cloudflare.com
code.jquery.com
explore.majestical.top
www.melovetracking.top
147.182.213.99
149.56.240.127
2606:4700:10::6814:51d
2606:4700:10::ac43:1e1
2606:4700:3030::6815:1673
2606:4700:3032::ac43:d03c
2606:4700:3037::ac43:95c7
2a02:4780:3:443:0:2f46:e183:b
34.90.81.51
1918af6db1a44fe948cd317e4b2c15256e6922436372b874903f5351eb6634a6
1b571516444fe19f942f8a8e16282dd948d4a4c4e58d09b13e1f813abfb3207e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
b49c35288a7049eb007d506d8d98c014b33f107e0aff1ed17414e3ef52b27e51